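/**
 * Create selector for workspaces and change workspace if command is given to do that.
 *
 * When $this->changeWorkspace is non-empty the backend user's workspace is switched
 * and only a script that reloads the whole backend is returned. When
 * $this->changeWorkspacePreview is non-empty the preview setting is stored and the
 * selector is rendered as usual.
 *
 * @return string HTML
 */
function workspaceSelector()
{
    global $TYPO3_DB, $BE_USER, $LANG;

    // Changing workspace and if so, reloading entire backend:
    // NOTE(review): presumably $this->changeWorkspace is filled from the request. This is a
    // state change, and no request-token check is visible here - confirm the caller has one.
    if (strlen($this->changeWorkspace)) {
        $BE_USER->setWorkspace($this->changeWorkspace);
        return $this->doc->wrapScriptTags('top.location.href="' . t3lib_BEfunc::getBackendScript() . '";');
    }

    // Changing the frontend preview setting (no reload, rendering continues):
    if (strlen($this->changeWorkspacePreview)) {
        $BE_USER->setWorkspacePreview($this->changeWorkspacePreview);
    }

    // Create options array, offering only workspaces the user passes checkWorkspace() for:
    $options = array();
    if ($BE_USER->checkWorkspace(array('uid' => 0))) {
        $options[0] = '[' . $LANG->getLL('shortcut_onlineWS') . ']';
    }
    if ($BE_USER->checkWorkspace(array('uid' => -1))) {
        $options[-1] = '[' . $LANG->getLL('shortcut_offlineWS') . ']';
    }

    // Add custom workspaces (selecting all, filtering by BE_USER check):
    $workspaces = $TYPO3_DB->exec_SELECTgetRows(
        'uid,title,adminusers,members,reviewers',
        'sys_workspace',
        'pid=0' . t3lib_BEfunc::deleteClause('sys_workspace'),
        '',
        'title'
    );
    // is_array() instead of count(): a failed query must not be iterated or counted
    if (is_array($workspaces)) {
        foreach ($workspaces as $rec) {
            if ($BE_USER->checkWorkspace($rec)) {
                $options[$rec['uid']] = $rec['uid'] . ': ' . $rec['title'];
            }
        }
    }

    // Build selector box. Labels contain workspace titles from the database, so both
    // value and label are HTML-escaped before they are put into the markup.
    $currentWorkspace = (int) $BE_USER->workspace;
    if (count($options)) {
        foreach ($options as $value => $label) {
            $selected = $currentWorkspace === $value ? ' selected="selected"' : '';
            $options[$value] = '<option value="' . htmlspecialchars($value) . '"' . $selected . '>' . htmlspecialchars($label) . '</option>';
        }
    } else {
        $options[] = '<option value="-99">' . $LANG->getLL('shortcut_noWSfound', 1) . '</option>';
    }

    $selector = '';

    // Preview checkbox, shown outside the live workspace only. The comparison uses the same
    // integer cast as the option matching above, so a string "0" is treated as live as well.
    if ($currentWorkspace !== 0) {
        // The stray ";" that followed the onclick attribute's closing quote is removed;
        // it produced a malformed attribute list.
        $selector .= '<label for="workspacePreview">Frontend Preview:</label> <input type="checkbox" name="workspacePreview" id="workspacePreview" onclick="changeWorkspacePreview(' . ($BE_USER->user['workspace_preview'] ? 0 : 1) . ')" ' .
            ($BE_USER->user['workspace_preview'] ? 'checked="checked"' : '') . '/> ';
    }

    $selector .= '<a href="mod/user/ws/index.php" target="content">' . t3lib_iconWorks::getSpriteIconForRecord('sys_workspace', array()) . '</a>';

    // A select box is only useful when there is more than one choice
    if (count($options) > 1) {
        $selector .= '<select name="_workspaceSelector" onchange="changeWorkspace(this.options[this.selectedIndex].value);">' . implode('', $options) . '</select>';
    }

    return $selector;
}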
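/**
 * Main function for Workspace Manager module.
 *
 * Either switches the workspace (when the GET parameter "changeWorkspace" is given) and
 * emits a script that reloads the backend, or builds the module's tab menu. In both
 * cases the result is wrapped into the module page and stored in $this->content.
 *
 * @return void
 */
function main()
{
    global $LANG, $BE_USER, $BACK_PATH;

    // Defined up front: the workspace-switch branch never fills these, and moduleBody()
    // below would otherwise receive an undefined variable.
    $docHeaderButtons = array();
    $markers = array();

    // See if we need to switch workspace
    // NOTE(review): the switch is triggered by a plain GET parameter and no request-token
    // check is visible in this method - confirm that one is enforced before main() runs,
    // otherwise a cross-site link can change the user's workspace.
    $changeWorkspace = t3lib_div::_GET('changeWorkspace');
    if ($changeWorkspace != '') {
        $BE_USER->setWorkspace($changeWorkspace);
        $this->content .= $this->doc->wrapScriptTags('top.location.href="' . $BACK_PATH . t3lib_BEfunc::getBackendScript() . '";');
    } else {
        // Starting page:
        $this->content .= $this->doc->header($LANG->getLL('title'));
        $this->content .= $this->doc->spacer(5);

        // Get usernames and groupnames
        $be_group_Array = t3lib_BEfunc::getListGroupNames('title,uid');
        $groupArray = array_keys($be_group_Array);

        // Need 'admin' field for t3lib_iconWorks::getIconImage()
        $this->be_user_Array_full = $this->be_user_Array = t3lib_BEfunc::getUserNames('username,usergroup,usergroup_cached_list,uid,admin,workspace_perms');
        // Non-admins get the user list passed through blindUserNames() with their group list
        if (!$BE_USER->isAdmin()) {
            $this->be_user_Array = t3lib_BEfunc::blindUserNames($this->be_user_Array, $groupArray, 1);
        }

        // Build top menu:
        $menuItems = array();
        $menuItems[] = array(
            'label' => $LANG->getLL('menuitem_review'),
            'content' => $this->moduleContent_publish(),
        );
        $menuItems[] = array(
            'label' => $LANG->getLL('menuitem_workspaces'),
            'content' => $this->moduleContent_workspaceList(),
        );

        // Add hidden fields and create tabs:
        $content = $this->doc->getDynTabMenu($menuItems, 'user_ws');
        $this->content .= $this->doc->section('', $content, 0, 1);

        // Setting up the buttons and markers for docheader
        $docHeaderButtons = $this->getButtons();
        // $markers['CSH'] = $docHeaderButtons['csh'];
    }

    $markers['CONTENT'] = $this->content;

    // Build the <body> for the module
    $this->content = $this->doc->startPage($LANG->getLL('title'));
    $this->content .= $this->doc->moduleBody($this->pageinfo, $docHeaderButtons, $markers);
    $this->content .= $this->doc->endPage();
    $this->content = $this->doc->insertStylesAndJS($this->content);
}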
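/**
 * Checks if a submission of username and password is present or use other authentication by auth services
 *
 * Flow, as implemented below:
 *  1. handle an active logout,
 *  2. on an active login, check the referer host and refuse _CLI_ users outside CLI requests,
 *  3. re-read the user session,
 *  4. let the "getUser" auth services look up candidate user rows (or reuse the session user),
 *  5. let the "authUser" auth services authenticate a candidate,
 *  6. on success create the session if needed and log; on failure set $this->loginFailure
 *     and let checkLogFailures() decide about a warning mail.
 *
 * @return void
 * @throws RuntimeException on a referer host mismatch or a _CLI_ login outside a CLI request
 * @internal
 */
function checkAuthentication()
{
    // No user for now - will be searched by service below
    $tempuserArr = array();
    $tempuser = FALSE;
    // User is not authenticated by default
    $authenticated = FALSE;
    // User want to login with passed login data (name/password)
    $activeLogin = FALSE;
    // Indicates if an active authentication failed (not auto login)
    $this->loginFailure = FALSE;

    if ($this->writeDevLog) {
        t3lib_div::devLog('Login type: ' . $this->loginType, 't3lib_userAuth');
    }

    // The info array provide additional information for auth services
    $authInfo = $this->getAuthInfoArray();
    // Get Login/Logout data submitted by a form or params
    $loginData = $this->getLoginFormData();

    // Keys of $loginData that may be written to the dev log. 'uident' is left out on
    // purpose: it presumably carries the submitted password or a value derived from it,
    // and credentials do not belong in log storage.
    $loggableLoginKeys = array('status', 'uname');

    if ($this->writeDevLog) {
        t3lib_div::devLog('Login data: ' . t3lib_div::arrayToLogString($loginData, $loggableLoginKeys), 't3lib_userAuth');
    }

    // active logout (eg. with "logout" button)
    if ($loginData['status'] == 'logout') {
        if ($this->writeStdLog) {
            // Logout written to log
            $this->writelog(255, 2, 0, 2, 'User %s logged out', array($this->user['username']));
        }
        if ($this->writeDevLog) {
            t3lib_div::devLog('User logged out. Id: ' . $this->id, 't3lib_userAuth', -1);
        }
        $this->logoff();
    }

    // active login (eg. with login form)
    if ($loginData['status'] == 'login') {
        $activeLogin = TRUE;
        if ($this->writeDevLog) {
            t3lib_div::devLog('Active login (eg. with login form)', 't3lib_userAuth');
        }

        // check referer for submitted login values
        if ($this->formfield_status && $loginData['uident'] && $loginData['uname']) {
            $httpHost = t3lib_div::getIndpEnv('TYPO3_HOST_ONLY');
            // The referer host must match the requested host unless GET logins are enabled
            // or the check is switched off by configuration.
            // NOTE(review): the message embeds request-derived host names next to HTML
            // markup; whatever renders this exception should escape them - confirm.
            if (!$this->getMethodEnabled && ($httpHost != $authInfo['refInfo']['host'] && !$GLOBALS['TYPO3_CONF_VARS']['SYS']['doNotCheckReferer'])) {
                throw new RuntimeException('TYPO3 Fatal Error: Error: This host address ("' . $httpHost . '") and the referer host ("' . $authInfo['refInfo']['host'] . '") mismatches!<br /> It\'s possible that the environment variable HTTP_REFERER is not passed to the script because of a proxy.<br /> The site administrator can disable this check in the "All Configuration" section of the Install Tool (flag: TYPO3_CONF_VARS[SYS][doNotCheckReferer]).', 1270853930);
            }

            // delete old user session if any
            $this->logoff();
        }

        // Refuse login for _CLI users, if not processing a CLI request type
        // (although we shouldn't be here in case of a CLI request type)
        if (strtoupper(substr($loginData['uname'], 0, 5)) == '_CLI_' && !(TYPO3_REQUESTTYPE & TYPO3_REQUESTTYPE_CLI)) {
            throw new RuntimeException('TYPO3 Fatal Error: You have tried to login using a CLI user. Access prohibited!', 1270853931);
        }
    }

    // the following code makes auto-login possible (if configured). No submitted data needed

    // determine whether we need to skip session update.
    // This is used mainly for checking session timeout without
    // refreshing the session itself while checking.
    $skipSessionUpdate = (bool) t3lib_div::_GP('skipSessionUpdate');

    // re-read user session
    $authInfo['userSession'] = $this->fetchUserSession($skipSessionUpdate);
    $haveSession = is_array($authInfo['userSession']);

    if ($this->writeDevLog) {
        if ($haveSession) {
            t3lib_div::devLog('User session found: ' . t3lib_div::arrayToLogString($authInfo['userSession'], array($this->userid_column, $this->username_column)), 't3lib_userAuth', 0);
        }
        if (is_array($this->svConfig['setup'])) {
            t3lib_div::devLog('SV setup: ' . t3lib_div::arrayToLogString($this->svConfig['setup']), 't3lib_userAuth', 0);
        }
    }

    // fetch user if ...
    // (parentheses only spell out the precedence the expression already had)
    if ($activeLogin
        || (!$haveSession && $this->svConfig['setup'][$this->loginType . '_fetchUserIfNoSession'])
        || $this->svConfig['setup'][$this->loginType . '_alwaysFetchUser']
    ) {
        // use 'auth' service to find the user
        // first found user will be used
        $serviceChain = '';
        $subType = 'getUser' . $this->loginType;
        while (is_object($serviceObj = t3lib_div::makeInstanceService('auth', $subType, $serviceChain))) {
            // The chain of already used service keys is handed back so the next call
            // yields a different service
            $serviceChain .= ',' . $serviceObj->getServiceKey();
            $serviceObj->initAuth($subType, $loginData, $authInfo, $this);
            if ($row = $serviceObj->getUser()) {
                $tempuserArr[] = $row;

                if ($this->writeDevLog) {
                    t3lib_div::devLog('User found: ' . t3lib_div::arrayToLogString($row, array($this->userid_column, $this->username_column)), 't3lib_userAuth', 0);
                }

                // user found, just stop to search for more if not configured to go on
                if (!$this->svConfig['setup'][$this->loginType . '_fetchAllUsers']) {
                    break;
                }
            }
            unset($serviceObj);
        }
        unset($serviceObj);

        if ($this->writeDevLog && $this->svConfig['setup'][$this->loginType . '_alwaysFetchUser']) {
            t3lib_div::devLog($this->loginType . '_alwaysFetchUser option is enabled', 't3lib_userAuth');
        }
        if ($this->writeDevLog && $serviceChain) {
            t3lib_div::devLog($subType . ' auth services called: ' . $serviceChain, 't3lib_userAuth');
        }
        if ($this->writeDevLog && !count($tempuserArr)) {
            t3lib_div::devLog('No user found by services', 't3lib_userAuth');
        }
        if ($this->writeDevLog && count($tempuserArr)) {
            t3lib_div::devLog(count($tempuserArr) . ' user records found by services', 't3lib_userAuth');
        }
    }

    // If no new user was set we use the already found user session
    if (!count($tempuserArr) && $haveSession) {
        $tempuserArr[] = $authInfo['userSession'];
        $tempuser = $authInfo['userSession'];
        // User is authenticated because we found a user session
        $authenticated = TRUE;

        if ($this->writeDevLog) {
            t3lib_div::devLog('User session used: ' . t3lib_div::arrayToLogString($authInfo['userSession'], array($this->userid_column, $this->username_column)), 't3lib_userAuth');
        }
    }

    // Re-auth user when 'auth'-service option is set
    if ($this->svConfig['setup'][$this->loginType . '_alwaysAuthUser']) {
        $authenticated = FALSE;
        if ($this->writeDevLog) {
            t3lib_div::devLog('alwaysAuthUser option is enabled', 't3lib_userAuth');
        }
    }

    // Authenticate the user if needed
    if (count($tempuserArr) && !$authenticated) {
        foreach ($tempuserArr as $tempuser) {
            // use 'auth' service to authenticate the user
            // if one service returns FALSE then authentication failed
            // a service might return 100 which means there's no reason to stop but the user can't be authenticated by that service
            if ($this->writeDevLog) {
                // The argument of this call was masked in the listing this block was taken
                // from. It is restored limited to the id and username columns, like the
                // other user-row log calls in this method, so that stored credential
                // fields of the row are not written to the dev log.
                t3lib_div::devLog('Auth user: ' . t3lib_div::arrayToLogString($tempuser, array($this->userid_column, $this->username_column)), 't3lib_userAuth');
            }

            $serviceChain = '';
            $subType = 'authUser' . $this->loginType;
            while (is_object($serviceObj = t3lib_div::makeInstanceService('auth', $subType, $serviceChain))) {
                $serviceChain .= ',' . $serviceObj->getServiceKey();
                $serviceObj->initAuth($subType, $loginData, $authInfo, $this);
                if (($ret = $serviceObj->authUser($tempuser)) > 0) {
                    // if the service returns >=200 then no more checking is needed - useful for IP checking without password
                    if (intval($ret) >= 200) {
                        $authenticated = TRUE;
                        break;
                    } elseif (intval($ret) >= 100) {
                        // Just go on. User is still not authenticated but there's no reason to stop now.
                    } else {
                        $authenticated = TRUE;
                    }
                } else {
                    // A result <= 0 is a veto: it overrides earlier positive answers
                    $authenticated = FALSE;
                    break;
                }
                unset($serviceObj);
            }
            unset($serviceObj);

            if ($this->writeDevLog && $serviceChain) {
                t3lib_div::devLog($subType . ' auth services called: ' . $serviceChain, 't3lib_userAuth');
            }

            if ($authenticated) {
                // leave foreach() because a user is authenticated
                break;
            }
        }
    }

    // If user is authenticated a valid user is in $tempuser
    if ($authenticated) {
        // reset failure flag
        $this->loginFailure = FALSE;

        // Insert session record if needed:
        if (!($haveSession && ($tempuser['ses_id'] == $this->id || $tempuser['uid'] == $authInfo['userSession']['ses_userid']))) {
            $this->createUserSession($tempuser);

            // The login session is started.
            $this->loginSessionStarted = TRUE;
        }

        // User logged in - write that to the log!
        if ($this->writeStdLog && $activeLogin) {
            $this->writelog(255, 1, 0, 1, 'User %s logged in from %s (%s)', array($tempuser[$this->username_column], t3lib_div::getIndpEnv('REMOTE_ADDR'), t3lib_div::getIndpEnv('REMOTE_HOST')), '', '', '', -1, '', $tempuser['uid']);
        }

        if ($this->writeDevLog && $activeLogin) {
            t3lib_div::devLog('User ' . $tempuser[$this->username_column] . ' logged in from ' . t3lib_div::getIndpEnv('REMOTE_ADDR') . ' (' . t3lib_div::getIndpEnv('REMOTE_HOST') . ')', 't3lib_userAuth', -1);
        }
        if ($this->writeDevLog && !$activeLogin) {
            t3lib_div::devLog('User ' . $tempuser[$this->username_column] . ' authenticated from ' . t3lib_div::getIndpEnv('REMOTE_ADDR') . ' (' . t3lib_div::getIndpEnv('REMOTE_HOST') . ')', 't3lib_userAuth', -1);
        }

        // lockSSL mode 3: a backend request that arrived over SSL is redirected to the
        // plain http URL of the backend script.
        // NOTE(review): everything after this redirect travels unencrypted, presumably
        // including the session cookie - confirm this mode is really wanted where it is set.
        if ($GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'] == 3 && $this->user_table == 'be_users') {
            $requestStr = substr(t3lib_div::getIndpEnv('TYPO3_REQUEST_SCRIPT'), strlen(t3lib_div::getIndpEnv('TYPO3_SITE_URL') . TYPO3_mainDir));
            $backendScript = t3lib_BEfunc::getBackendScript();
            if ($requestStr == $backendScript && t3lib_div::getIndpEnv('TYPO3_SSL')) {
                list(, $url) = explode('://', t3lib_div::getIndpEnv('TYPO3_SITE_URL'), 2);
                list($server, $address) = explode('/', $url, 2);
                // Read via $GLOBALS: a bare $TYPO3_CONF_VARS is an undefined local in this
                // method, so the configured SSL port was never stripped before.
                $lockSSLPort = intval($GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSLPort']);
                if ($lockSSLPort) {
                    $sslPortSuffix = ':' . $lockSSLPort;
                    // strip port from server
                    $server = str_replace($sslPortSuffix, '', $server);
                }
                t3lib_utility_Http::redirect('http://' . $server . '/' . $address . TYPO3_mainDir . $backendScript);
            }
        }
    } elseif ($activeLogin || count($tempuserArr)) {
        $this->loginFailure = TRUE;

        if ($this->writeDevLog && !count($tempuserArr) && $activeLogin) {
            // Same key restriction as for the 'Login data' entry: no submitted secret in the log
            t3lib_div::devLog('Login failed: ' . t3lib_div::arrayToLogString($loginData, $loggableLoginKeys), 't3lib_userAuth', 2);
        }
        if ($this->writeDevLog && count($tempuserArr)) {
            t3lib_div::devLog('Login failed: ' . t3lib_div::arrayToLogString($tempuser, array($this->userid_column, $this->username_column)), 't3lib_userAuth', 2);
        }
    }

    // If there were a login failure, check to see if a warning email should be sent:
    if ($this->loginFailure && $activeLogin) {
        if ($this->writeDevLog) {
            t3lib_div::devLog('Call checkLogFailures: ' . t3lib_div::arrayToLogString(array('warningEmail' => $this->warningEmail, 'warningPeriod' => $this->warningPeriod, 'warningMax' => $this->warningMax)), 't3lib_userAuth', -1);
        }

        $this->checkLogFailures($this->warningEmail, $this->warningPeriod, $this->warningMax);
    }
}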
/**
 * Builds the "edit" section ("module") of the Admin Panel.
 *
 * The section head is always rendered. The four checkbox settings, the toolbar and the
 * "open backend" link are only added when the user's admin panel configuration has
 * 'display_edit' set.
 *
 * @return string HTML content for the section. Consists of a string with table-rows with four columns.
 * @see display()
 */
protected function getEditModule()
{
    $out = $this->extGetHead('edit');

    // Section is collapsed: only the head is returned
    if (!$GLOBALS['BE_USER']->uc['TSFE_adminConfig']['display_edit']) {
        return $out;
    }

    // If another page module was specified, replace the default Page module with the new one
    $newPageModule = trim($GLOBALS['BE_USER']->getTSConfigVal('options.overridePageModule'));
    $pageModule = 'web_layout';
    if (t3lib_BEfunc::isModuleSetInTBE_MODULES($newPageModule)) {
        $pageModule = $newPageModule;
    }

    $this->extNeedUpdate = true;

    // Each setting is a hidden "0" field followed by a checkbox "1" field of the same name,
    // so an unchecked box still submits a value.
    $settingKeys = array(
        'edit_displayFieldIcons',
        'edit_displayIcons',
        'edit_editFormsOnPage',
        'edit_editNoPopup',
    );
    foreach ($settingKeys as $settingKey) {
        $fieldName = 'TSFE_ADMIN_PANEL[' . $settingKey . ']';
        $checkedAttribute = '';
        if ($GLOBALS['BE_USER']->uc['TSFE_adminConfig'][$settingKey]) {
            $checkedAttribute = ' checked="checked"';
        }
        $out .= $this->extGetItem(
            $settingKey,
            '',
            '<input type="hidden" name="' . $fieldName . '" value="0" />'
                . '<input type="checkbox" name="' . $fieldName . '" value="1"' . $checkedAttribute . ' />'
        );
    }

    $out .= $this->extGetItem('', $this->ext_makeToolBar());

    if (t3lib_div::_GP('ADMCMD_view')) {
        return $out;
    }

    // onclick handler: reuse the opener's backend if there is one, otherwise open a new
    // backend window. htmlspecialchars() below covers the HTML attribute context only;
    // $pageModule is put into a JavaScript string unescaped and is limited to 'web_layout'
    // or a name accepted by isModuleSetInTBE_MODULES() above.
    $onClick = ' if (parent.opener && parent.opener.top && parent.opener.top.TS) {'
        . ' parent.opener.top.fsMod.recentIds["web"]=' . intval($GLOBALS['TSFE']->page['uid']) . ';'
        . ' if (parent.opener.top.content && parent.opener.top.content.nav_frame && parent.opener.top.content.nav_frame.refresh_nav) {'
        . ' parent.opener.top.content.nav_frame.refresh_nav();'
        . ' }'
        . ' parent.opener.top.goToModule("' . $pageModule . '");'
        . ' parent.opener.top.focus();'
        . ' } else {'
        . ' vHWin=window.open(\'' . TYPO3_mainDir . t3lib_BEfunc::getBackendScript() . '\',\'' . md5('Typo3Backend-' . $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename']) . '\',\'status=1,menubar=1,scrollbars=1,resizable=1\');'
        . ' vHWin.focus();'
        . ' }'
        . ' return false; ';

    $link = '<a href="#" onclick="' . htmlspecialchars($onClick) . '">' . $this->extGetLL('edit_openAB') . '</a>';
    $out .= $this->extGetItem('', $link);

    return $out;
}